(jPf® Res ! Q PC7/PTG i,0 DEC 2001 



^TITLE OF INVENTION 



A 



OF COMMERCE P/ 



D TRADEMARK OFFICE 



TRANSMITTAL LETTER TO THE UNITED STATES 
DESIGNATED/ELECTED OFFICE (DO/EO/US) 
CONCERNING A FILING UNDER 35 U.S.C. 371 



(INTERNATIONAL APPLICATION NO. 
PCT/GB 00/02138 



INTERNATIONAL FILING DATE 
February 6, 2000 



ATTORNEY 'S DOCKET NUMBER 

8004-14 (07 39981) 



U.S. APPLICATION NO. (If known, see 37 CFR 1 .5 

10/018002 



PRIORITY DATE CLAIMED 
June 10, 1999 



ELECTRONIC COMMERCE SYSTEM 



APPLICANT(S) FOR DO/EO/US John Quentin pH|LUps 



Applicant herewith submits to the United States Designated/Elected Office (DO/EO/US) the following items and other information: 

1. fxl This is a FIRST submission of items concerning a filing under 35 U.S.C. 371. 

2. □ This is a SECOND or SUBSEQUENT submission of items concerning a filing under 35 U.S.C. 371. 

3. □ This is an express request to begin national examination procedures (35 U.S.C. 371(f)). The submission must include 

items (5), (6), (9) and (21) indicated below. 

4. [3 The US has been elected by the expiration of 19 months from the priority date (Article 3 1). 
5.0 A copy of the International Application as filed (35 U.S.C. 371(c)(2)) 

a. 0 is attached hereto (required only if not communicated by the International Bureau). 

b. 0 has been communicated by the International Bureau. 

c. □ is not required, as the application was filed in the United States Receiving Office (RO/US). 

6. f_l An English language translation of the International Application as filed (35 U.S.C. 371(c)(2)). 

a. fj is attached hereto. 

b. □ has been previously submitted under 35 U.S.C. 154(d)(4). 

7. □ Amendments to the claims of the International Aplication under PCT Article 19 (35 U.S.C. 371(c)(3)) 

a. Q are attached hereto (required only if not communicated by the International Bureau). 

b. fj have been communicated by the International Bureau. 

jj c. O have not been made; however, the time limit for making such amendments has NOT expired. 

d. rj have not been made and will not be made. 

8.0 An English language translation of the amendments to the claims under PCT Article 19 (35 U.S.C. 371 (c)(3)). 
9. □ An oath or declaration of the inventor(s) (35 U.S.C. 371(c)(4)). 

10. LZ1 An English lanugage translation of the annexes of the International Preliminary Examination Report under PCT 

Article 36 (35 U.S.C. 371(c)(5)). 

Items 11 to 20 below concern document(s) or information included: 

1 1. □ An Information Disclosure Statement under 37 CFR 1.97 and 1.98. 

12. Q An assignment document for recording. A separate cover sheet in compliance with 37 CFR 3.28 and 3.31 is included. 

1 3. [X] A FIRST preliminary amendment. 

14. □ A SECOND or SUBSEQUENT preliminary amendment. 
15.1 I A substitute specification. 

1 6. fJJ A change of power of attorney and/or address letter. 

17. D A computer-readable form of the sequence listing in accordance with PCT Rule 13ter.2 and 35 U.S.C. 1.821 - 1.825. 

18. A second copy of the published international application under 35 U.S.C. 154(d)(4). 

1 9. □ A second copy of the English language translation of the international application under 35 U.S.C. 1 54(d)(4). 

20. K\ Other items or information: International search report 



OTRffi'rtPnTIPTn 1 Q DEC 20CT 



application no. pcT/G BOO/02138 



ATTORNEY'S DOCKET NUMBER 

8004-14(07 39981) 



21.JX] The following fees are submitted: 
BASIC NATIONAL FEE (37 CFR 1.492 (a) (1) - (5)): 
Neither international preliminary examination fee (37 CFR 1 .482) 
nor international search fee (37 CFR 1.445(a)(2)) paid to USPTO 

and International Search Report not prepared by the EPO or JPO $1040.00 

International preliminary examination fee (37 CFR 1.482) not paid to 

USPTO but International Search Report prepared by the EPO or JPO $890.00 

International preliminary examination fee (37 CFR 1.482) not paid to USPTO 

but international search fee (37 CFR 1.445(a)(2)) paid to USPTO $740.00 

International preliminary examination fee (37 CFR 1.482) paid to USPTO 

but all claims did not satisfy provisions of PCT Article 33(l)-(4) $710.00 

International preliminary examination fee (37 CFR 1.482) paid to USPTO 

and all claims satisfied provisions of PCT Article 33(l)-(4) $100.00 

ENTER APPROPRIATE BASIC FEE AMOUNT = 



CALCULATIONS PTO USE ONLY 



Surcharge of $130.00 for furnishing the oath or declaration later than Q 20 Q 30 
months from the earliest claimed priority date (37 CFR 1.492(e)). 



NUMBER FILED 



NUMBER EXTRA 



Independent claims 



MULTIPLE DEPENDENT CLAIM(S) (if applicable) 



TOTAL OF ABOVE CALCULATIONS 



$ 1,020.00 



Applicant claims small entity status. See 37 CFR 1.27. The fees indicated above 
are reduced by 1/2. 



$ 510.00 



Processing fee of $130.00 for furnishing the English translation later than Q 20 I I 3 
months from the earliest claimed priority date (37 CFR 1.492(f)). 



$ 510.00 



TOTAL NATIONAL FEE 



$ 510.00 



Fee for recording the enclosed assignment (37 CFR 1.21(h)). The assignment must be 
accompanied by an appropriate cover sheet (37 CFR 3.28, 3.31). $40.00 per property 



TOTAL FEES ENCLOSED 



0 A check in the amount of $ 510 , 00 



_ to cover the above fees is enclosed. 
in the amount of $ 



. to cover the above ft 



. r~] Please charge my Deposit Account No. 

A duplicate copy of this sheet is enclosed. 

. [X] The Commissioner is hereby authorized to charge any additional fees which may be required, or credit any 
overpayment to Deposit Account No. 50-0679 . A duplicate copy of this sheet is enclosed. 

. Q Fees are to be charged to a credit card. WARNING: Information on this form may become public. Credit card 

information should not be included on this form. Provide credit card information and authorization on PTO-2038. 



NOTE: Where an appropriate time limit under 37 CFR 1.494 or 1.495 has not been met, a petition to revive (37 CFR 
1.137 (a) or (b)) must be filed and granted to restore the application to pending status. 

SEND ALL CORRESPONDENCE TO: 

Frank Chau 

F. Chau & Associates, LLP 
1900 Hempstead Turnpike 
Suite 501 

East Meadow, NY 11554 
(516) 357-0091 
(516) 357-0092 (Fax) 



REGISTRATION NUMBER 



FORM PTO- 1390 (REV 9-2001) page2of2 



X07Rec'd PCT/PTO ) o DEC 2001 

10/028002 

PATENT APPLICATION 
Attorney Docket: 8004-14 (07 39981) 
IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 
APPLIC ANT(S) : John Quentin PHILLIPS 

INT'L APPLN. NO. : PCT/GB 00/02138 
INT'L. FILING DATE: February 6, 2000 
FOR: ELECTRONIC COMMERCE SYSTEM 



Assistant Commissioner for Patents 
Washington, D.C. 20231 



CERTIFICATION UNDER 37 C.F.R. § 1.10 

I hereby certify that the following correspondence is being deposited with the 
United States Postal Service on this date December 10. 2001 in an envelope as 
"Express Mail Post Office to Addressee" Mail Label Number EL797416095US 
addressed to: Assistant Commissioner for Patents, U.S. Patent and Trademark Office, 
P.O. Box 2327, Arlington, VA 22202, Attn.: Box Patent Application. 



1 . Transmittal Letter to the United States Designated/Elected 
Office (DO/EO/US) Concerning a Filing Under 35 U.S.C. 371 

2. Preliminary Amendment 

3. Check for $510.00 

4. International Search Report 

5. Return Postcard 



Dated: December 10. 2001 



Frank Chau 



F. CHAU & ASSOCIATES, LLP 
1900 Hempstead Turnpike, Suite 501 
East Meadow, New York 11554 
Tel: (516)357-0091 
Fax: (516) 357-0092 



10/018002 



JG07Rec'dPCT/PT0 1 0 DEC 2001 



Attorney Docket: 8004-14 (07 39981) 



IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 



Applicant(s): 



John Quentin PHILLIPS 



Int'l. Appln. No. 



PCT/GB 00/02138 



Int'l. Filing Date: 



February 6, 2000 



For: 



ELECTRONIC COMMERCE SYSTEM 



Assistant Commissioner for Patents 
Washington, D.C. 20231 



PRELIMINARY AMENDMENT 



Sir: 



Before examination of the above-identified application on the merits, please amend the 
application as follows: 



CERTIFICATE OF MAILING 37 C.F.R. § 1 . 1 0. 
I hereby certify that this correspondence (and any document referred to as being attached or enclosed) are being deposited with the 
United States Postal Service on this date December 10. 2001 in an envelope as "Express Mail Post Office to Addressee" Mailing Label Number 
EL797416095US addressed to: U.S. Patent and Trademark Office, P.O. Box 2327, Arlington, VA 22202, Attn.: Box Patent Application. 





1 



IN THE CLAIMS : 

3. (Amended) A user terminal for a system according to claim 1, comprising a 
computer including user input means, modem means and modem control data for controlling the 
modem for establishing communication with the Internet connectivity provider site, wherein the 
modem control data is not modifiable by means of data input using the user input means alone. 

5. (Amended) A World Wide Web vendor site for a system according to claim 1, 
configured to a run a process for processing said action definition, said process being capable of: 

recognizing unsubstituted parameters and recording a transaction in a first manner 
in response thereto; and 

recognizing substituted parameters, which identify a transaction, and recording 
the transaction in a second manner in response thereto. 

8. (Amended) An Internet connectivity provider site for a system according to claim 1, 
including: 

a database of vendor site IP addresses and associated action definitions; 

search means for searching the database for the destination IP address in a 
message from the user terminal; 

identification means responsive to the search means finding an IP address in the 
database to identify said action definition in the message; and 



2 



signaling means for signaling action definition parameters to the financial service 
provider site in dependence on identification of an action definition by the identification means 
and receiving a transaction ID or other data not comprising a payment card number therefrom; 

means for substituting at least a payment card number within the parameter or 
parameters of said action definition with the transaction ID or other data; and 

transmission means for sending the modified message to the vendor site. 

Please add the following new claims: 

10. (New) A user terminal for a system according to claim 2, comprising a computer 
including user input means, modem means and modem control data for controlling the modem 
for establishing communication with the Internet connectivity provider site, wherein the modem 
control data is not modifiable by means of data input using the user input means alone. 

1 1 . (New) A World Wide Web vendor site for a system according to claim 2, configured 
to a run a process for processing said action definition, said process being capable of: 

recognizing unsubstituted parameters and recording a transaction in a first manner 
in response thereto; and 

recognizing substituted parameters, which identify a transaction, and recording 
the transaction in a second manner in response thereto. 

12. (New) An Internet connectivity provider site for a system according to claim 2, 
including: 

a database of vendor site IP addresses and associated action definitions; 
3 



search means for searching the database for the destination IP address in a 
message from the user terminal; 

identification means responsive to the search means finding an IP address in the 
database to identify said action definition in the message; and 

signaling means for signaling action definition parameters to the financial service 
provider site in dependence on identification of an action definition by the identification means 
and receiving a transaction ID or other data not comprising a payment card number therefrom; 

means for substituting at least a payment card number within the parameter or 
parameters of said action definition with the transaction ID or other data; and 

transmission means for sending the modified message to the vendor site. 

REMARKS 

Entry of the Preliminary Amendment prior to the examination of the above-identified 
application on the merits is respectfully requested. No new matter has been added by the 
Preliminary Amendment. Early and favorable consideration of this application is requested. 

Respectfully submitted, 



Mailing Address: 

F. Chau & Associates, LLP 

1900 Hempstead Turnpike, Suite 501 

East Meadow, New York 11554 

(516) 357-0091 

FAX (516) 357-0092 
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Reg. No. 34,136 
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Marked-up Version of Claims 
3. (Amended) A user terminal for a system according to claim 1 [or claim 2], 
comprising a computer including user input means, modem means and modem control data for 
controlling the modem for establishing communication with the Internet connectivity provider 
site, wherein the modem control data is not modifiable by means of data input using the user 
input means alone. 

5. (Amended) A World Wide Web vendor site for a system according to claim 1 [or 
claim 2], configured to a run a process for processing said action definition, said process being 
capable of: 

recognizing unsubstituted parameters and recording a transaction in a first manner 
in response thereto; and 

recognizing substituted parameters, which identify a transaction, and recording 
the transaction in a second manner in response thereto. 

8. (Amended) An Internet connectivity provider site for a system according to claim 1 [or 
claim 2], including: 

a database of vendor site IP addresses and associated action definitions; 

search means for searching the database for the destination IP address in a 
message from the user terminal; 

identification means responsive to the search means finding an IP address in the 
database to identify said action definition in the message; and 
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signaling means for signaling action definition parameters to the financial service 
provider site in dependence on identification of an action definition by the identification means 
and receiving a transaction ID or other data not comprising a payment card number therefrom; 

means for substituting at least a payment card number within the parameter or 
parameters of said action definition with the transaction ID or other data; and 

transmission means for sending the modified message to the vendor site. 
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Electronic Commerce System 
Field of the Invention 

The present invention relates to an electronic commerce system. 
Background to the Invention 

Internet commerce is a rapidly expanding area. Many goods and services can be 
ordered via the Internet. To do this, a user typically uses a web browser, such as 
Netscape Navigator or Microsoft Internet Explorer, to visit a web site of a vendor. 
The web site will include pages enabling the user to select the goods or services 
required and a page containing a form by means of which the user can enter their 
credit or debit card details so that the vendor can receive payment for the ordered 
goods or services. 

A disadvantage of this arrangement is that the user must send their credit or debit 
card details to the vendor via the Internet. The Internet is not a fully secure 
network and there is the possibility that the credit or debit card details may be 
intercepted and used in the perpetration of a fraud. 

Summary of the Invention 

It is an aim of the present invention to provide for Internet commerce whilst 
avoiding the transmission of credit or debit card details via the Internet itself. 

According to the present invention, there is provided an electronic commerce 
system comprising an Internet connectivity provider site, a financial service 
provider site for producing transaction IDs, a user terminal programmed with a web 
browser program, which may be a "microbrowser*' in, for example, a WAP-enabled 
phone, and connectable to the Internet connectivity provider site for accessing the 
Internet, and a World Wide Web vendor site configured for sending a payment card 
information entry form, e.g. an HTML form, having an action definition, e.g. an 
action URL, having at least one parameter, associated therewith, wherein the 
Internet connectivity provider site is configured to intercept messages from the user 
terminal which include said action definition and substitute at least a payment card 
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number (e.g. credit card or debit card number) within the parameter or parameters 
of said action definition with a transaction ID produced by the financial service 
provider site. It should be noted that since the Internet connectivity provider site is 
providing connectivity to the Internet for the user terminal, the user terminal will 
not therefore be communicating with the Internet connectivity provider site via the 
Internet. 

Thus in a system according to the present invention, payment card numbers are 
stripped from messages before the messages enter the Internet. Furthermore, the 
vendor site can still be used by customers, accessing the "World Wide Web by means 
other than the Internet connectivity provider site, and requires minimal 
modification from a typical vendor site configuration. 

The term "World Wide Web" shall be taken to include WAP (Wireless Application 
Protocol) WAE (Wireless Application Environment) origin servers and analogous systems. 

A user terminal for a system according to the present invention preferably comprises a 
computer including user input means, modem means and modem control data for 
controlling the modem for establishing communication with the Internet connectivity 
provider site, wherein the modem control data is not modifiable by means of data input 
using the user input means alone. More preferably, the user terminal includes read-only 
storage means storing an machine-specific ED. This ID can be used to confirm the identity 
of a person sending payment card details from the user terminal. 

A World Wide Web vendor site for a system according to the present invention is 
preferably configured to run a process for processing said action definition, said process 
being capable of:- 

recognising unsubstituted parameters and recording a transaction in a first manner 
in response thereto; and 

recognising substituted parameters, which identify a transaction, and recording the 
transaction in a second manner in response thereto. 
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More preferably, said process is capable of recognising substituted parameters which 
indicate a reason (e.g. insufficient credit or incorrectly entered payment card related data) 
for non-completion of the transaction and sending a page to the user terminal in 
dependence thereon. 

An Internet connectivity provider site for a system according to the present invention 
preferably includes:- 

a database of vendor site IP addresses and associated action definitions; 

search means for searching the database for the destination IP address in a message 
from the user terminal; 

identification means responsive to the search means finding an IP address in the 
database to identify said action definition in the message; and 

signalling means for signalling action definition parameters to the financial service 
provider site in dependence on identification of an action definition by the identification 
means and receiving a transaction ID or other data not comprising a payment card number 
therefrom; 

means for substituting at least a payment card number within the parameter or 
parameters of said action definition with the transaction ID or other data; and 

transmission means for sending the modified message to the vendor site. 

Preferably, the transmission means is configured to mimic the user terminal when 
sending said modified message. 

The Internet connecting provider site may be integrated with the financial service 
provider site. 

Brief Description of the Drawings 

Figure 1 shows the hardware of first, second and third embodiment of the present 
invention; 

Figure 2 shows an exemplary credit card details entry HTML form; and 
Figure 3 shows the hardware of a fourth embodiment of the present invention; 



Detailed Description of Preferred Embodiment 
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Embodiments of the present invention will now be described, by way of example, 
with reference to the accompanying drawings. 

Referring to Figure 1, first, second and third user terminals i, 2, 3 are connectable 
via the pstn (public switched telephone network) 4 to a financial service provider 
site 5. The financial service provider site 5 is connectable via the Internet 6 to first 
and second Internet vendor sites 7, 8. The number of user terminals 1, 2, 3 is not 
restricted to three. Similarly, there may be many more Internet vendor sites than 
the two Internet vendor sites 6, 7 shown. 

The first user terminal 1 comprises a pad -type computer, such as the Cyrix® 
WebPAD™, which includes a modem. WindowsCE is used as the operating system 
for the first user terminal 1. However, the dial-up networking configuration user 
interface is disabled so that a user cannot alter the Internet connectivity provider 
used for Internet access. A web browser program is provided on the first user 
terminal 1 so that the user can access the World Wide Web using the terminars 
modem. 

The second and third user terminals 2, 3 are of the same construction as the first 
user terminal 1. 

The vendor sites 7, 8 comprise web servers. The vendor sites 7, 8 provide HTML 
forms (Figure 2) that enable a user to enter their credit card number and expiry date 
and their address. 

The financial service provider site 5 comprises a modem bank 10 connected 
between the pstn 4 and a communication computer 11. The communication 
computer 1 1 is also connected to the Internet 6 and to a transaction processor 
comprising a transaction computer 12 and a database 13. The financial service 
30 provider site 5 also comprises a domain name server (DNS) 14. The financial 
service provider site 5 is thus configured for the financial service provider to 
provide Internet connectivity to the user terminals 1, 2, 3. 
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All datagrams to be sent via the Internet 6 from user terminals 1, 2, 3 pass through 
the communication computer 11. The communication computer 11 contains a 
database of registered vendor sites 7, 8 including their IP addresses and the "action" 
URL of the vendor's credit card details form. 

The making of a purchase by the user of user terminal 1 from the first Internet 
vendor site 7 will now be described. It will be appreciated that the method is 
effected by a conventional web browser running on the first user terminal 1 and 
custom programs running on the communication computer 11, the transaction 
10 computer 12 and the web server at the first vendor site 7. 

The user of the first user terminal 1 switches on the first user teminal 1 and runs the 
web browser program. This causes the first user terminal 1 to dial up the financial 
service provider site 5 and log on as with any Internet connectivity provider 
providing dial-up Internet access. The web browser will submit an initial URL, e.g. 
for a search engine such as Yahoo or Alta Vista, or the home page of the financial 
service provider. 

A name resolver process running on the first user terminal sends the server part of 
the URL to the DNS 14 and receives back the IP address of that server. The URL 
is then sent from the first user terminal 1 in a message to the returned IP address. 

The datagrams from the first user terminal are received by the communication 
machine 11. The communication machine 11 reads the destination IP address in the 
25 header of the first datagram or a message and looks it up in its database of 

registered vendor sites. Since, in this case, the IP address is not for a registered 
vendor site, the first datagram is forwarded immediately to the Internet 6 and the 
subsequent datagrams of the message are forwarded as soon as possible to the 
Internet 6. In this case the communication computer 111 now operates merely as a 
30 router for subsequent datagrams of the message. 

The destination server responds to the URL in the message from the first user 
terminal 1 by replying with a message containing HTML code for a page. The 
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datagrams of this message are routed by the Internet 6 to the communication 
computer 11 which then routes then via the modem bank 10 along the pstn 
connection to the first user terminal 1. The web browser, running on the first user 
terminal 1, then displays the page defined by the HTML in the reply message. 

The system operates in this manner until, the first user terminal 1 sends a URL 
addressed to, for example, the first vendor site 7 which, for example, identifies the 
vendor's home page. In this case, the communication computer 1 1 finds the 
destintion IP address in the first datagram of the message containing the URL in its 
database. Thus, rather than immediately forwarding the datagrams of the message, 
the communication computer 1 1 caches the datagrams until the whole message has 
been received. When the whole message has been received, the communication 
machine 11 analyses the message to determine whether it contains the "action" URL 
of the destination vendor's credit card details form as contained in its database. 
Since, the URL is for the vendor's home page, the datagrams are now forwarded 
unmodified to the first vendor site 7 via the Internet 7. 



=p At the TCP level, once the communication computer 1 1 has identified that a 

datagram from the first user terminal 1 is addressed to the first vendor site 7, it 

O 20 must respond to the first user terminal 1 as if it were the first vendor site 7 for 
connection set up, data transfer and connection termination. Also, when the 
communication computer 11 forwards the cached message to the first vendor site 7, 
it must mimic the first user terminal 1 so that the response to the sent URL is 
correctly addressed to the first user terminal 1 and lost or corrupted datagrams are 
25 retransmitted. 



It will now be assumed that the user of the first user terminal 1 has decided to make 
a purchase and has received the first vendor's credit card details form. The user 
fills in the form and clicks on the SUBMIT button (see Figure 2). This causes the 
30 form's action URL to be submitted. The message containing the action URL is 
intercepted by the communication machine 11 as described above. However, the 
communication computer 1 1 now determines that the action URL is present. 
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On determining that the action URL is present, the communication computer 11 
sends the action URL to the transaction computer 12. The transaction computer 12 
compares the data in the action URL with card holder details in the database 13. If 
the data is incorrect, e.g. the address is not that of the card holder, the transaction 
5 computer 12 sends back the message "invalid" to the communication computer 11. 
The communication computer 11 then strips the data from the action URL and 
replaced it with the name -value pair " details = invalid". The reconstucted action 
URL is then sent to the first vendor site 7 with the communication computer 1 1 
mimicking the first user terminal 1. 

It will be appreciated that a standard action URL used by all vendors would simplify 
the extraction of the card and user details from the action URL. 

The process at the first vendor site 7, which handles the action URL, identifies the 
"details= invalid" name-value pair and sends an error warning HTML page to the 
first user terminal 1. This page is then displayed by the web browser running on the 
first user terminal 1. 

If the data in the action URL is correct, the transaction computer 12 generates a 
unique transaction ID, which it stores in the database 13 against the card holder's 
account, and sends the transaction ID to the communication computer 11. The 
communication computer 11 then strips the data from the action URL and replaced 
it with the name-value pair "ID=nnnnnnnn" where n is a character of the 
transaction ID. The reconstucted action URL is then sent to the first vendor site 7 
with the communication computer 11 mimicking the first user terminal 1. 

On receiving the modified action URL, the action URL-handling process of the first 
vendor site 7 validates and logs the transaction ID for later confirmation of the 
transaction with the credit card company and sends a confirmation HTML page to 
30 the first user terminal 1. 

Logged transaction IDs are send by a secure means, e.g. a direct pstn connection, to 
the credit card company together with the amount to be charged. The credit card 
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company then compares the transaction ID with the records in the database 13 
before authorising the transfer of funds to the first vendor. 

In a second embodiment having the hardware configuration shown in Figure 1, the 
action URL produced by the credit card form (Figure 2) includes the value of the 
transaction. This information is sent by the communication computer 1 1 to the 
transaction computer 12 with the credit card number and card holder details. The 
transaction computer 12 then determines by reference to the database 13 whether 
the user has sufficient credit for the transaction. If the user does not have 
sufficient credit for the transaction, the transaction computer 12 sends the message 
"insufficient credit" to the communication computer 11. The communication 
computer 1 1 then strips the data from the action URL and replaced it with the 
name-value pair "details insufficient credit". The reconstucted action URL is then 
sent to the first vendor site 7 with the communication computer 1 1 mimicking the 
first user terminal 1. 

The process at the first vendor site 7, which handles the action URL, identifies the 
"details=insufficient credit" name-value pair and sends an error warning HTML 
page to the first user terminal 1. This page is then displayed by the web browser 
running on the first user terminal 1. 

In a third embodiment having the hardware configuration shown in Figure 1, the 
user terminals 1, 2, 3 are provided with unique IDs, e.g. chip-specific IDs for their 
processors. In this case, the operation of the communication computer 11 is 
modified so that on receipt of an action URL for a registerer vendor site 6, 7, it 
sends a message to the user terminal 1, 2, 3 requesting the ID. A process running 
on the user terminal 1, 2, 3 responds to this message by sending the ID back to the 
communication computer 11. If the ID is not received by the communication 
machine within a predetermined time the connection to the user terminal 1, 2, 3 is 
dropped as it is assumed that the user terminal 1, 2, 3 is not an authorised terminal. 

If an ID is received, it is passed to the transaction computer 12 with the data from 
the action URL. The transaction computer 12 tries to match the ID with the credit 
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card number. If there is a match, the process proceeds as in the first embodiment. 
However, if there is not a match, the transaction computer 12 sends the message 
"imposter" to the communication computer 11 which responds by dropping the 
connection to the user terminal 1, 2, 3. 

In either exception condition, caller line identification (CLI) can be used to identify 
the telephone line used to dial into the financial service provider site 5. This 
number can then be passed to a law-enforcement agency with a report of an 
attempted credit card fraud. 

Referring to Figure 3, first, second and third user terminals 101, 102, 103 are 
connectable via the pstn (public switched telephone network) 104 to an Internet 
connectivity provider site 109. A financial service provider site 105 is connected to 
the Internet connectivity provider site 109 by a leased line 115. Internet 
connectivity provider site 109 is connectable via the Internet 106 to first and second 
Internet vendor sites 107, 108. The number of user terminals 101, 102, 103 is not 
restricted to three. Similarly, there may be many more Internet vendor sites than 
the two Internet vendor sites 106, 107 shown. 

The first user terminal 101 comprises a pad-type computer, such as the Cyrix® 
WebPAD™, which includes a modem. WindowsCE is used as the operating system 
for the first user terminal 101. However, the dial-up networking configuration user 
interface is disabled so that a user cannot alter the Internet connectivity provider 
used for Internet access. A web browser program is provided on the first user 
terminal 101 so that the user can access the World Wide Web using the terminal's 
modem. 

The second and third user terminals 102, 103 are of the same construction as the 
first user terminal 101. 

The vendor sites 107, 108 comprise web servers. The vendor sites 107, 108 provide 
HTML forms (Figure 2) that enable a user to enter their credit card number and 
expiry date and their address. 
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The Internet connectivity provider site 109 comprises a modem bank 110 connected 
between the pstn 104 and a communication computer 111. The communication 
computer 111 is also connected to the Internet 106. The Internet connectivity 
provider site 109 also comprises a domain name server (DNS) 114. 

The financial service provider site 105 comprises a transaction computer 112 and a 
database 113. The transaction computer 112 is connected to the communication 
computer 111 by the leased line 115. 

All datagrams to be sent via the Internet 106 from user terminals 101, 102, 103 pass 
through the communication computer 111. The communication computer 111 
contains a database of registered vendor sites 107, 108 including their IP addresses 
and the "action" URL of the vendor's credit card details form. 

The making of a purchase by the user of user terminal 101 from the first Internet 
vendor site 107 will now be described. It will be appreciated that the method is 
effected by a conventional web browser running on the first user terminal 101 and 
custom programs running on the communication computer 111, the transaction 
computer 112 and the web server at the first vendor site 107. 

The user of the first user terminal 101 switches on the first user teminal 101 and 
runs the web browser program. This causes the first user terminal 101 to dial up 
the Internet connectivity provider site 109 and log on as with any Internet 
connectivity provider providing dial-up Internet access. The web browser will 
submit an initial URL, e.g. for a search engine such as Yahoo or Alta Vista, or the 
home page of the Internet connectivity service provider. 

A name resolver process running on the first user terminal sends the server part of 
the URL to the DNS 114 and receives back the IP address of that server. The URL 
is then sent from the first user terminal 101 in a message to the returned IP address. 
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The datagrams from the first user terminal 101 are received by the communication 
machine 111. The communication machine 111 reads the destination IP address in 
the header of the first datagram and looks it up in its database of registered vendor 
sites. Since, in this case, the IP address is not for a registered vendor site 107, 108, 
the first datagram is forwarded immediately to the Internet 106 and the subsequent 
datagrams of the message are also immediately forwarded to the Internet 106. In 
this case the communication computer 111 now operates merely as a router for 
subsequent datagrams of the message. 

The destination server responds to the URL in the message from the first user 
terminal 101 by replying with a message containing HTML code for a page. The 
datagrams of this message are routed by the Internet 106 to the communication 
computer 111 which then routes then via the modem bank 110 along the pstn 
connection to the first user terminal 101. The web browser, running on the first 
user terminal 101, then displays the page defined by the HTML in the reply 
message. 

The system operates in this manner until, the first user terminal 101 sends a URL 
addressed to the first vendor site 107 which, for example, identifies the vendor's 
home page. In this case, the communication computer 1 1 finds the destintion IP 
address in the first datagram of the message containing the URL in its database. 
Thus rather than immediately forwarding the datagrams of the message, the 
communication computer 111 caches the datagrams until the whole message has 
been received. When the whole message has been received, the communication 
machine 111 analyses the message to determine whether it contains the "action" 
URL of the destination vendor's credit card details form as contained in its 
database. Since, the URL is for the vendor's home page, the datagrams are now 
forwarded unmodified to the first vendor site 107 via the Internet 106. 

At the TCP level, once the communication computer 111 has identified that a 
datagram from the first user terminal 101 is addressed to the first vendor site 107, it 
must respond to the first user terminal 101 as if it were the first vendor site 107 for 
connection set up, data transfer and connection termination. Also, when the 
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communication computer 111 forwards the cached message to the first vendor site 
107, it must mimic the first user terminal 101 so that the response to the sent URL 
is correctly addressed to the first user terminal 101 and lost or corrupted datagrams 
are retransmitted. 

It will now be assumed that the user of the first user terminal 101 has decided to 
make a purchase and has received the first vendor's credit card details form (Figure 
2). The user fills in the form and clicks on the SUBMIT button (Figure 2). This 
causes the form's action URL to be submitted. The message containing the action 
URL is intercepted by the communication machine 111 as described above. 
However, the communication computer 111 now determines that the action URL is 
present. 

On determining that the action URL is present, the communication computer 111 
sends the action URL to the transaction computer 112. The transaction computer 
1 12 compares the data in the action URL with card holder details in the database 
113. If the data is incorrect, e.g. the address is not that of the card holder, the 
transaction computer 112 sends back the message "invalid" to the communication 
computer 111. The communication computer 1 1 1 then strips the data from the 
action URL and replaced it with the name-value pair "details=invalid". The 
reconstucted action URL is then sent to the first vendor site 107 with the 
communication computer 111 mimicking the first user terminal 101. 

The process at the first vendor site 107, which handles the action URL, identifies 
the "details- invalid" name-value pair and sends an error warning HTML page to 
the first user terminal 101. This page is then displayed by the web browser running 
on the first user terminal 101. 

If the data in the action URL is correct, the transaction computer 112 generates a 
unique transaction ID, which it stores in the database 113 against the card holder's 
account, and sends the transaction ID to the communication computer 111. The 
communication computer 111 then strips the data from the action URL and 
replaced it with the name-value pair "ID=nnnnnnnn" where n is a character of the 
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transaction ID. The reconducted action URL is then sent to the first vendor site 
107 with the communication computer 111 mimicking the first user terminal 101. 

On receiving the modified action URL, the action URL-hanciling process of the first 
vendor site 107 validates and logs the transaction ID for later confirmation of the 
transaction with the credit card company and sends a confirmation HTML page to 
the first user terminal 101. 

Logged transaction IDs are send by a secure means, e.g. a direct pstn connection, to 
the credit card company together with the amount to be charged. The credit card 
company then compares the transaction ID with the records in the database 113 
before authorising the transfer of funds to the first vendor. 

In each of the foregoing embodiments, a user cannot change the dial-up networking 
setup of their user terminal 1, 2, 3. However, changing circumstances may make a 
change necessary, e.g. changes in the telephone number to be dialled. These 
changes can be made by means of a JAVA™ or ActiveX applet associated with a 
web page provided by the Internet connectivity providing entity. 

The operation of the communication computer 11, 111 in any of the foregoing 
embodiments may be modified so that all messages from the user terminals 1, 2, 3, 
101, 102, 103 are cached. The communication computer 11, 111 can then analyse 
the content of the messages to determine whether is comprises an action URL of a 
credit card details form of an unregistered "vendor". These messages can then be 
blocked to avoid credit card details being sent to bogus vendors. 

The connection between the user terminals 1, 2, 3, 101, 102, 103 and the 
communication computer 11, 111 may be, but not exclusively so, via a telephone 
circuit, on ISDN connection or a leased line. 

It will be appreciated that may modifications can be made to the above-described 
embodiments to provide security beyond that obtained by avoiding the transmssion 
of credit card details over the Internet. 
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The present invention has been explained with reference to a system employing 
HTML. However, it will be appreciated that with the development of XML, other 
mark up languages, e.g. WML, may be developed that are useable in embodiments 
of the present invention. 
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Claims 

1. An electronic commerce system comprising: - 
an Internet connectivity provider site; 
5 a financial service provider site for producing transaction IDs; 

a user terminal programmed with a web browser program and connectable to 

the Internet connectivity provider site for accessing the Internet; and 

a World Wide Web vendor site configured for sending a payment card information 

entry form having an action definition, having at least one parameter, associated therewith, 
10 wherein the Internet connectivity provider site is configured to intercept messages 

from the user terminal which include said action definition and substitute at least a 

payment card number within the parameter or parameters of said action definition with a 

transaction ID produced by the financial service provider site. 

15 2. A system according to claim 1, wherein said entry form is an HTML form and said 
action definition comprises an action URL defined in the HTML code for said form. 

3. A user terminal for a system according to claim 1 or 2, comprising a computer 
including user input means, modem means and modem control data for controlling the 

20 modem for establishing communication with the Internet connectivity provider site, 

wherein the modem control data is not modifiable by means of data input using the user 
input means alone. 

4. A user terminal according to claim 3, including read-only storage means storing a 
25 machine-specific ID. 

5. A World Wide Web vendor site for a system according to claim 1 or 2, configured 
to run a process for processing said action definition, said process being capable of:- 

recognising unsubstituted parameters and recording a transaction in a first manner 
30 in response thereto; and 

recognising substituted parameters, which identify a transaction, and recording the 
transaction in a second manner in response thereto. 
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6. A World Wide Web vendor site according to claim 5, wherein said process is 
capable of recognising substituted parameters which indicate a reason for non-completion 
of the transaction and sending an page to the user terminal in dependence thereon. 

7. A World Wide Web vendor site according to claim 5, wherein said reason is 
insufficient credit or incorrectly entered payment card related data. 

8. An Internet connectivity provider site for a system according to claim 1 or 2, 
including:- 

a database of vendor site IP addresses and associated action definitions; 

search means for searching the database for the destination IP address in a message 
from the user terminal; 

identification means responsive to the search means finding an IP address in the 
database to identify said action definition in the message; and 

signalling means for signalling action definition parameters to the financial service 
provider site in dependence on identification of an action definition by the identification 
means and receiving a transaction ID or other data not comprising a payment card number 
therefrom; 

means for substituting at least a payment card number within the parameter or 
parameters of said action definition with the transaction ID or other da ta ; and 

transmission means for sending the modified message to the vendor site. 

9. An Internet connectivity provider site according to claim 8, wherein the 
transmission means is configured to mimic the user terminal when sending said modified 
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